The minimatch package has a vulnerability issue with versions < 3.0.5.
This package is used internally through recursive-readdir:
The problem is that recursive-readdir is used by react-script (create-react-app), which is not maintained anymore.
To fix this issue, the package.json has been updated with the resolutions field to update minimatch to the v3.0.5 (fixing the vulnerability) for the package using the vulnerable version (recursive-readdir)
This should help fixing the vulnerability issue.
PR checklist
Please check if your PR fulfills the following requirements:
[x] Does this PR fix an existing issue, or have you listed the changes applied in the PR description (and why they are needed)?
[x] Have you read the contributing guidelines?
[x] Have you made sure that the title is accurate and descriptive of the changes?
Thank you so much for contributing to Meilisearch!
Pull Request
What does this PR do?
The
minimatch
package has a vulnerability issue with versions < 3.0.5. This package is used internally throughrecursive-readdir
:The problem is that
recursive-readdir
is used by react-script (create-react-app), which is not maintained anymore.To fix this issue, the
package.json
has been updated with the resolutions field to updateminimatch
to the v3.0.5 (fixing the vulnerability) for the package using the vulnerable version (recursive-readdir
)This should help fixing the vulnerability issue.
PR checklist
Please check if your PR fulfills the following requirements:
Thank you so much for contributing to Meilisearch!